package com.xr.service;

import com.xr.pojo.Permission;
import com.xr.pojo.Role;
import com.xr.pojo.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

public class UserService implements UserDetailsService {

    @Autowired //开启注解
    private BCryptPasswordEncoder passwordEncoder;


    @Override
    public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
       //根据用户名查询用户信息
        //TODO 从数据库
        User user = findByUsername(s);
        if (user!=null){
            //存在
            //角色和权限的集合
            List<GrantedAuthority> list=new ArrayList<>();
            //循环读取用户身上所携带的角色信息
            user.getRoles().forEach(r->{
                //将角色信息添加到list中
                list.add(new SimpleGrantedAuthority(r.getName()));

                //循环读取角色所携带的权限
                r.getPermissions().forEach(p->{
                    //将权限信息添加到list中
                    list.add(new SimpleGrantedAuthority(p.getName()));
                });
            });
            //将用户信息以及角色权限信息交给spring security中的User对象中
            //security去做安全认证和授权
            //a.密码校对
//            org.springframework.security.core.userdetails.User securityUser=new org.springframework.security.core.userdetails.User(s,"{noop}"+user.getUserPassword(),list);
            org.springframework.security.core.userdetails.User securityUser=new org.springframework.security.core.userdetails.User(s,user.getUserPassword(),list);
            return securityUser;
        }
        //不存在
        return null;
    }

    /**
     * 模拟数据库查询
     */
    private User findByUsername (String username){
        if("admin".equals(username)) {
            User user = new User();
            user.setUserPassword(passwordEncoder.encode("admin"));
            user.setUserName("admin");

            Role role = new Role();
            role.setName("ROLE_ADMIN");
            Permission permission = new Permission();
            permission.setName("ADD_CHECKITEM");
            role.getPermissions().add(permission);

            List<Role> roleList = new ArrayList<>();
            roleList.add(role);

            user.setRoles(roleList);
            return user;
        }else if("xiaoming".equals(username)){//无权限访问，403
            User user = new User();
            user.setUserName("xiaoming");
            user.setUserPassword(passwordEncoder.encode("xm"));

            Role role = new Role();
            role.setName("ROLE_ADMIN");


            Permission permission = new Permission();
            permission.setName("add");
            role.getPermissions().add(permission);

            user.getRoles().add(role);
            return user;
        }
        return null;
    }
}
